General

  • Target

    b8e9a922a95640df98801de4876760404311c9ce1780671838060d2c29b33e36

  • Size

    361KB

  • Sample

    240503-yfwmgagh34

  • MD5

    5b69ee906a17648602a341eeac90ac10

  • SHA1

    f6eeaa30511921336eb18f94ed534b73ae184d99

  • SHA256

    b8e9a922a95640df98801de4876760404311c9ce1780671838060d2c29b33e36

  • SHA512

    ea4156a26e67ea8e1d5fb1237e507c10a6eff289159bcf1b5bf15e5a21a937f6d82cd14373b8b8e28f21dfedef8b0d311106f636bd6dd8dd2491bf571e9629b2

  • SSDEEP

    6144:KZcZv7d7jWqM3BpyefILaDyZojLA10WDi:OcZv57juffoWU9i

Score
10/10

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

5.42.65.64

Attributes
  • url_path

    /advdlc.php

Targets

    • Target

      b8e9a922a95640df98801de4876760404311c9ce1780671838060d2c29b33e36

    • Size

      361KB

    • MD5

      5b69ee906a17648602a341eeac90ac10

    • SHA1

      f6eeaa30511921336eb18f94ed534b73ae184d99

    • SHA256

      b8e9a922a95640df98801de4876760404311c9ce1780671838060d2c29b33e36

    • SHA512

      ea4156a26e67ea8e1d5fb1237e507c10a6eff289159bcf1b5bf15e5a21a937f6d82cd14373b8b8e28f21dfedef8b0d311106f636bd6dd8dd2491bf571e9629b2

    • SSDEEP

      6144:KZcZv7d7jWqM3BpyefILaDyZojLA10WDi:OcZv57juffoWU9i

    Score
    10/10
    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks